Merge branch 'dtls-support-in-tls-proxy' into dtls1.3-pr

fwh-dc · Jan 23, 2024 · ac6b240 · ac6b240
2 parents 459f64f + 51291de
commit ac6b240
Show file tree

Hide file tree

Showing 160 changed files with 5,204 additions and 765 deletions.
diff --git a/.github/workflows/interop-tests.yml b/.github/workflows/interop-tests.yml
@@ -0,0 +1,52 @@
+# Notes:
+# /__w/openssl is the path that github bind-mounts into the container so the ci
+# filesystem for this job can be reached.  Please note that any changes made to
+# this job involving file system paths should be made prefixed with, or relative
+# to that directory
+name: Interoperability tests with GnuTLS and NSS
+on:
+  schedule:
+    - cron: '0 6 * * *'
+jobs:
+  test:
+    runs-on: ubuntu-22.04
+    container:
+      image: docker.io/fedora:39
+      options: --sysctl net.ipv6.conf.lo.disable_ipv6=0
+    timeout-minutes: 90
+    strategy:
+      fail-fast: false
+      matrix:
+        COMPONENT: [gnutls, nss]
+    env:
+      COMPONENT: ${{ matrix.COMPONENT }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Display environment
+        run: export
+      - name : Install needed tools
+        run: |
+          dnf -y install perl gcc rpmdevtools dnf-utils make tmt-all beakerlib \
+                 fips-mode-setup crypto-policies-scripts
+      - name: install interop tests
+        run: |
+          cd ${GITHUB_WORKSPACE}
+          git clone --branch=openssl --depth=1 https://gitlab.com/redhat-crypto/tests/interop.git
+      - name: build openssl as an rpm
+        run: |
+          mkdir -p /build/SPECS && cd /build && echo -e "%_topdir /build\n%_lto_cflags %{nil}" >~/.rpmmacros && rpmdev-setuptree
+          cd /build && cp ${GITHUB_WORKSPACE}/interop/openssl.spec SPECS/ && \
+          cd SPECS/ && source ${GITHUB_WORKSPACE}/VERSION.dat && \
+          sed -i "s/^Version: .*\$/Version: $MAJOR.$MINOR.$PATCH/" openssl.spec && \
+          sed -i 's/^Release: .*$/Release: dev/' openssl.spec
+          yum-builddep -y /build/SPECS/openssl.spec # just for sure nothing is missing
+          mkdir -p /build/SOURCES
+          tar --transform "s/^__w\/openssl\/openssl/openssl-$MAJOR.$MINOR.$PATCH/" -czf /build/SOURCES/openssl-$MAJOR.$MINOR.$PATCH.tar.gz /__w/openssl/openssl/
+          rpmbuild -bb /build/SPECS/openssl.spec
+          dnf install -y /build/RPMS/x86_64/openssl-*
+      - name: Run interop tests
+        run: |
+          cd interop
+          tmt run -av plans -n interop tests -f "tag: interop-openssl & tag: interop-$COMPONENT" provision -h local execute -h tmt --interactive
+          openssl version
+          echo "Finished - important to prevent unwanted output truncating"
diff --git a/CHANGES.md b/CHANGES.md
@@ -36,6 +36,17 @@ OpenSSL 3.3
 
     *Neil Horman*
 
+ * Added `-set_issuer` and `-set_subject` options to `openssl x509` to
+   override the Issuer and Subject when creating a certificate. The `-subj`
+   option now is an alias for `-set_subject`.
+
+    *Job Snijders, George Michaelson*
+
+ * OPENSSL_sk_push() and sk_<TYPE>_push() functions now return 0 instead of -1
+   if called with a NULL stack argument.
+
+   *Tomáš Mráz*
+
  * In `openssl speed`, changed the default hash function used with `hmac` from
    `md5` to `sha256`.
 
@@ -68,8 +79,69 @@ OpenSSL 3.3
 OpenSSL 3.2
 -----------
 
+### Changes between 3.2.0 and 3.2.1 [xx XXX xxxx]
+
+ * When function EVP_PKEY_public_check() is called on RSA public keys,
+   a computation is done to confirm that the RSA modulus, n, is composite.
+   For valid RSA keys, n is a product of two or more large primes and this
+   computation completes quickly. However, if n is an overly large prime,
+   then this computation would take a long time.
+
+   An application that calls EVP_PKEY_public_check() and supplies an RSA key
+   obtained from an untrusted source could be vulnerable to a Denial of Service
+   attack.
+
+   The function EVP_PKEY_public_check() is not called from other OpenSSL
+   functions however it is called from the OpenSSL pkey command line
+   application. For that reason that application is also vulnerable if used
+   with the "-pubin" and "-check" options on untrusted data.
+
+   To resolve this issue RSA keys larger than OPENSSL_RSA_MAX_MODULUS_BITS will
+   now fail the check immediately with an RSA_R_MODULUS_TOO_LARGE error reason.
+
+   ([CVE-2023-6237])
+
+   *Tomáš Mráz*
+
+ * Restore the encoding of SM2 PrivateKeyInfo and SubjectPublicKeyInfo to
+   have the contained AlgorithmIdentifier.algorithm set to id-ecPublicKey
+   rather than SM2.
+
+   *Richard Levitte*
+
+ * The POLY1305 MAC (message authentication code) implementation in OpenSSL
+   for PowerPC CPUs saves the contents of vector registers in different
+   order than they are restored. Thus the contents of some of these vector
+   registers is corrupted when returning to the caller. The vulnerable code is
+   used only on newer PowerPC processors supporting the PowerISA 2.07
+   instructions.
+
+   The consequences of this kind of internal application state corruption can
+   be various - from no consequences, if the calling application does not
+   depend on the contents of non-volatile XMM registers at all, to the worst
+   consequences, where the attacker could get complete control of the
+   application process. However unless the compiler uses the vector registers
+   for storing pointers, the most likely consequence, if any, would be an
+   incorrect result of some application dependent calculations or a crash
+   leading to a denial of service.
+
+   ([CVE-2023-6129])
+
+   *Rohan McLure*
+
+ * Disable building QUIC server utility when OpenSSL is configured with
+   `no-apps`.
+
+   *Vitalii Koshura*
+
 ### Changes between 3.1 and 3.2 [xx XXX xxxx]
 
+ * The EVP_PKEY_fromdata function has been augmented to allow for the derivation
+   of CRT (Chinese Remainder Theorem) parameters when requested.  See the
+   OSSL_PKEY_PARAM_DERIVE_FROM_PQ param in the EVP_PKEY-RSA documentation.
+
+   *Neil Horman*
+
  * The BLAKE2b hash algorithm supports a configurable output length
    by setting the "size" parameter.
 
@@ -20362,6 +20434,8 @@ ndif
 
 <!-- Links -->
 
+[CVE-2023-6237]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6237
+[CVE-2023-6129]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6129
 [CVE-2023-5678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5678
 [CVE-2023-5363]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5363
 [CVE-2023-4807]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-4807

diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf
@@ -2125,5 +2125,15 @@ my %targets = (
         inherit_from     => [ "vms-generic" ],
         bn_ops           => "SIXTY_FOUR_BIT",
         pointer_size     => "",
+    },
+    "vms-x86_64-p32" => {
+        inherit_from     => [ "vms-x86_64" ],
+        cflags           => add("/POINTER_SIZE=32"),
+        pointer_size     => "32",
+    },
+    "vms-x86_64-p64" => {
+        inherit_from     => [ "vms-x86_64" ],
+        cflags           => add("/POINTER_SIZE=64=ARGV"),
+        pointer_size     => "64",
     }
 );
diff --git a/Configurations/descrip.mms.tmpl b/Configurations/descrip.mms.tmpl
@@ -749,13 +749,15 @@ vmsconfig.pm : configdata.pm
         WRITE CONFIG "  shlib_version => '","{- $config{shlib_version} -}","',"
         WRITE CONFIG "  shlib_major => '","{- $config{shlib_major} -}","',"
         WRITE CONFIG "  shlib_minor => '","{- $config{shlib_minor} -}","',"
-        WRITE CONFIG "  no_shared => '","{- $disabled{shared} -}","',"
         WRITE CONFIG "  INSTALLTOP => '$(INSTALLTOP)',"
         WRITE CONFIG "  OPENSSLDIR => '$(OPENSSLDIR)',"
+        WRITE CONFIG ");"
+        WRITE CONFIG "our %target = ("
         WRITE CONFIG "  pointer_size => '","{- $target{pointer_size} -}","',"
         WRITE CONFIG ");"
-        WRITE CONFIG "our %target = ();"
-        WRITE CONFIG "our %disabled = ();"
+        WRITE CONFIG "our %disabled = ("
+        WRITE CONFIG "  shared => '","{- $disabled{shared} -}","',"
+        WRITE CONFIG ");"
         WRITE CONFIG "our %withargs = ();"
         WRITE CONFIG "our %unified_info = ();"
         WRITE CONFIG "1;"

diff --git a/Configure b/Configure
@@ -385,6 +385,12 @@ if (defined env($local_config_envname)) {
     }
 }
 
+# Fail if no configuration is apparent
+if (!%table) {
+    print "Failed to find any os/compiler configurations. Please make sure the Configurations directory is included.\n";
+    &usage;
+}
+
 # Save away perl command information
 $config{perl_cmd} = $^X;
 $config{perl_version} = $Config{version};

diff --git a/NEWS.md b/NEWS.md
@@ -29,7 +29,16 @@ OpenSSL 3.3
 OpenSSL 3.2
 -----------
 
-### Major changes between OpenSSL 3.1 and OpenSSL 3.2 [under development]
+### Major changes between OpenSSL 3.2.0 and OpenSSL 3.2.1 [under development]
+
+  * Fixed Excessive time spent checking invalid RSA public keys
+    ([CVE-2023-6237])
+
+  * Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC
+    CPUs which support PowerISA 2.07
+    ([CVE-2023-6129])
+
+### Major changes between OpenSSL 3.1 and OpenSSL 3.2.0 [23 Nov 2023]
 
 OpenSSL 3.2.0 is a feature release adding significant new functionality to
 OpenSSL.
@@ -1576,6 +1585,8 @@ OpenSSL 0.9.x
 
 <!-- Links -->
 
+[CVE-2023-6237]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6237
+[CVE-2023-6129]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6129
 [CVE-2023-5678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5678
 [CVE-2023-5363]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5363
 [CVE-2023-4807]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-4807

diff --git a/VMS/openssl_ivp.com.in b/VMS/openssl_ivp.com.in
@@ -21,9 +21,9 @@ $	@'INSTALLTOP_'SYS$STARTUP]openssl_startup'v'
 $	@'INSTALLTOP_'SYS$STARTUP]openssl_utils'v'
 $
 $	IF F$SEARCH("OSSL$LIBCRYPTO''pz'") .EQS. "" -
-           .OR. F$SEARCH("OSSL$LIBSSL''pz'") .EQS. "" {- output_off() if $config{no_shared}; "" -}-
+           .OR. F$SEARCH("OSSL$LIBSSL''pz'") .EQS. "" {- output_off() if $disabled{shared}; "" -}-
            .OR. F$SEARCH("OSSL$LIBCRYPTO_SHR''pz'") .EQS. "" -
-           .OR. F$SEARCH("OSSL$LIBSSL_SHR''pz'") .EQS. "" {- output_on() if $config{no_shared}; "" -}-
+           .OR. F$SEARCH("OSSL$LIBSSL_SHR''pz'") .EQS. "" {- output_on() if $disabled{shared}; "" -}-
            .OR. F$SEARCH("OSSL$INCLUDE:[OPENSSL]crypto.h") .EQS. "" -
            .OR. F$SEARCH("OPENSSL:crypto.h") .EQS. "" -
            .OR. F$SEARCH("OSSL$EXE:OPENSSL''v'.EXE") .EQS. ""

diff --git a/VMS/openssl_shutdown.com.in b/VMS/openssl_shutdown.com.in
@@ -39,19 +39,19 @@ $	DEAS OSSL$MODULES'pz'
 $	DEAS OSSL$EXE
 $	DEAS OSSL$LIBCRYPTO'pz'
 $	DEAS OSSL$LIBSSL'pz'
-${- output_off() if $config{no_shared}; "" -}
+${- output_off() if $disabled{shared}; "" -}
 $	DEAS OSSL$LIBCRYPTO'sv'_SHR'pz'
 $	DEAS OSSL$LIBSSL'sv'_SHR'pz'
-${- output_on() if $config{no_shared}; "" -}
+${- output_on() if $disabled{shared}; "" -}
 $	DEAS OPENSSL
 $
 $	IF P2 .NES. "NOALIASES"
 $	THEN
 $	    DEAS OSSL$ENGINES'pz'
-${- output_off() if $config{no_shared}; "" -}
+${- output_off() if $disabled{shared}; "" -}
 $	    DEAS OSSL$LIBCRYPTO_SHR'pz'
 $	    DEAS OSSL$LIBSSL_SHR'pz'
-${- output_on() if $config{no_shared}; "" -}
+${- output_on() if $disabled{shared}; "" -}
 $	ENDIF
 $
 $	EXIT 'status'
diff --git a/VMS/openssl_startup.com.in b/VMS/openssl_startup.com.in
@@ -103,19 +103,19 @@ $	DEF  OSSL$EXE			OSSL$INSTROOT:[EXE.'arch'],-
 					OSSL$INSTROOT:[EXE]
 $	DEF  OSSL$LIBCRYPTO'pz'		OSSL$LIB:OSSL$LIBCRYPTO'pz'.OLB
 $	DEF  OSSL$LIBSSL'pz'		OSSL$LIB:OSSL$LIBSSL'pz'.OLB
-${- output_off() if $config{no_shared}; "" -}
+${- output_off() if $disabled{shared}; "" -}
 $	DEF  OSSL$LIBCRYPTO'sv'_SHR'pz'	OSSL$SHARE:OSSL$LIBCRYPTO'sv'_SHR'pz'.EXE
 $	DEF  OSSL$LIBSSL'sv'_SHR'pz'	OSSL$SHARE:OSSL$LIBSSL'sv'_SHR'pz'.EXE
-${- output_on() if $config{no_shared}; "" -}
+${- output_on() if $disabled{shared}; "" -}
 $	DEF  OPENSSL			OSSL$INCLUDE:[OPENSSL]
 $
 $	IF P2 .NES. "NOALIASES"
 $	THEN
 $	    DEF OSSL$ENGINES'pz'	OSSL$ENGINES'sv''pz'
-${- output_off() if $config{no_shared}; "" -}
+${- output_off() if $disabled{shared}; "" -}
 $	    DEF OSSL$LIBCRYPTO_SHR'pz'	OSSL$LIBCRYPTO'sv'_SHR'pz'
 $	    DEF OSSL$LIBSSL_SHR'pz'	OSSL$LIBSSL'sv'_SHR'pz'
-${- output_on() if $config{no_shared}; "" -}
+${- output_on() if $disabled{shared}; "" -}
 $	ENDIF
 $
 $ bailout:

diff --git a/apps/lib/s_socket.c b/apps/lib/s_socket.c
@@ -208,7 +208,7 @@ int init_client(int *sock, const char *host, const char *port,
 
         hostname = BIO_ADDR_hostname_string(BIO_ADDRINFO_address(ai), 1);
         if (hostname != NULL) {
-            BIO_printf(bio_out, "Connecting to %s\n", hostname);
+            BIO_printf(bio_err, "Connecting to %s\n", hostname);
             OPENSSL_free(hostname);
         }
         /* Remove any stale errors from previous connection attempts */

diff --git a/apps/s_server.c b/apps/s_server.c
@@ -1728,6 +1728,11 @@ int s_server_main(int argc, char *argv[])
         BIO_printf(bio_err, "Can only use -listen with DTLS\n");
         goto end;
     }
+
+    if (rev && socket_type == SOCK_DGRAM) {
+        BIO_printf(bio_err, "Can't use -rev with DTLS\n");
+        goto end;
+    }
 #endif
 
     if (tfo && socket_type != SOCK_STREAM) {

diff --git a/apps/s_time.c b/apps/s_time.c
@@ -310,7 +310,6 @@ int s_time_main(int argc, char **argv)
     }
     totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
 
-    i = (int)((long)time(NULL) - finishtime + maxtime);
     printf
         ("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
          nConn, totalTime, ((double)nConn / totalTime), bytes_read);
@@ -338,7 +337,7 @@ int s_time_main(int argc, char **argv)
         buf_len = BIO_snprintf(buf, sizeof(buf), fmt_http_get_cmd, www_path);
         if (buf_len <= 0 || SSL_write(scon, buf, buf_len) <= 0)
             goto end;
-        while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
+        while (SSL_read(scon, buf, sizeof(buf)) > 0)
             continue;
     }
     SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);

diff --git a/apps/x509.c b/apps/x509.c
@@ -43,7 +43,7 @@ typedef enum OPTION_choice {
     OPT_INFORM, OPT_OUTFORM, OPT_KEYFORM, OPT_REQ, OPT_CAFORM,
     OPT_CAKEYFORM, OPT_VFYOPT, OPT_SIGOPT, OPT_DAYS, OPT_PASSIN, OPT_EXTFILE,
     OPT_EXTENSIONS, OPT_IN, OPT_OUT, OPT_KEY, OPT_SIGNKEY, OPT_CA, OPT_CAKEY,
-    OPT_CASERIAL, OPT_SET_SERIAL, OPT_NEW, OPT_FORCE_PUBKEY, OPT_SUBJ,
+    OPT_CASERIAL, OPT_SET_SERIAL, OPT_NEW, OPT_FORCE_PUBKEY, OPT_ISSU, OPT_SUBJ,
     OPT_ADDTRUST, OPT_ADDREJECT, OPT_SETALIAS, OPT_CERTOPT, OPT_DATEOPT, OPT_NAMEOPT,
     OPT_EMAIL, OPT_OCSP_URI, OPT_SERIAL, OPT_NEXT_SERIAL,
     OPT_MODULUS, OPT_PUBKEY, OPT_X509TOREQ, OPT_TEXT, OPT_HASH,
@@ -138,7 +138,9 @@ const OPTIONS x509_options[] = {
      "Number of days until newly generated certificate expires - default 30"},
     {"preserve_dates", OPT_PRESERVE_DATES, '-',
      "Preserve existing validity dates"},
-    {"subj", OPT_SUBJ, 's', "Set or override certificate subject (and issuer)"},
+    {"set_issuer", OPT_ISSU, 's', "Set or override certificate issuer"},
+    {"set_subject", OPT_SUBJ, 's', "Set or override certificate subject (and issuer)"},
+    {"subj", OPT_SUBJ, 's', "Alias for -set_subject"},
     {"force_pubkey", OPT_FORCE_PUBKEY, '<',
      "Key to be placed in new certificate or certificate request"},
     {"clrext", OPT_CLREXT, '-',
@@ -262,8 +264,8 @@ int x509_main(int argc, char **argv)
     EVP_PKEY *privkey = NULL, *CAkey = NULL, *pubkey = NULL;
     EVP_PKEY *pkey;
     int newcert = 0;
-    char *subj = NULL, *digest = NULL;
-    X509_NAME *fsubj = NULL;
+    char *issu = NULL, *subj = NULL, *digest = NULL;
+    X509_NAME *fissu = NULL, *fsubj = NULL;
     const unsigned long chtype = MBSTRING_ASC;
     const int multirdn = 1;
     STACK_OF(ASN1_OBJECT) *trust = NULL, *reject = NULL;
@@ -425,6 +427,9 @@ int x509_main(int argc, char **argv)
         case OPT_FORCE_PUBKEY:
             pubkeyfile = opt_arg();
             break;
+        case OPT_ISSU:
+            issu = opt_arg();
+            break;
         case OPT_SUBJ:
             subj = opt_arg();
             break;
@@ -651,6 +656,9 @@ int x509_main(int argc, char **argv)
             goto err;
         }
     }
+    if (issu != NULL
+            && (fissu = parse_name(issu, chtype, multirdn, "issuer")) == NULL)
+        goto end;
     if (subj != NULL
             && (fsubj = parse_name(subj, chtype, multirdn, "subject")) == NULL)
         goto end;
@@ -830,8 +838,13 @@ int x509_main(int argc, char **argv)
     if (reqfile || newcert || privkey != NULL || CAfile != NULL) {
         if (!preserve_dates && !set_cert_times(x, NULL, NULL, days))
             goto end;
-        if (!X509_set_issuer_name(x, X509_get_subject_name(issuer_cert)))
-            goto end;
+        if (fissu != NULL) {
+            if (!X509_set_issuer_name(x, fissu))
+                goto end;
+        } else {
+            if (!X509_set_issuer_name(x, X509_get_subject_name(issuer_cert)))
+                goto end;
+        }
     }
 
     X509V3_set_ctx(&ext_ctx, issuer_cert, x, NULL, NULL, X509V3_CTX_REPLACE);
@@ -1079,6 +1092,7 @@ int x509_main(int argc, char **argv)
     NCONF_free(extconf);
     BIO_free_all(out);
     X509_STORE_free(ctx);
+    X509_NAME_free(fissu);
     X509_NAME_free(fsubj);
     X509_REQ_free(req);
     X509_free(x);